May 2015 Cisco E-Zine

This is put together by members of the Cisco Technical Community to provide up‐to‐date technical information on Cisco Products, Technology and Services.

We hope you will find this edition useful and if you have any questions on the details included please ask your Arrowdawn Technical Contact for more information or drop an email to connect@arrowdawn.com.

EOS/EOL Notifications

End-of-Sale and End-of-Life Announcement for the Cisco 2960-S and 2960-SF Series Switches

End-of-Life and End-of-Support Announcement for Cisco Jabber for Windows Versions 9.2x and 9.6x

Breaking News

CISCO APIC WINS BEST OF INTEROP 2015 AWARD IN SDN CATEGORY

The Best of Interop Awards for 2015 were announced at the Interop Theater. Cisco APIC won the Best of Interop award in the SDN category. I want to extend my congratulations to the entire team at Insieme Network Systems Business Unit and recognize their hard work in developing this award-winning Product. Cisco appreciates the recognition from the Interop judges and it’s a great compliment to the recognition Cisco APIC is getting from its customers.

To learn more about this unique product, you can refer to the following posts:

April 27, 2015 – While the cost of a white-box and traditional switch are fairly similar from a capital expenditure point of view, Cisco analysis shows that white-box switches are more expensive when you include operational expenditures, such as the integration of third party software, tools and support costs. Cisco President Rob Lloyd and SDN expert Frank D’Agostino debunk the myth that white box switches save money.

At NAB 2015, Cisco will demonstrate how it is once again raising the bar with a new generation of all-IP virtualized video solutions that help media companies get new services and features to market faster, protect themselves from attack and reduce costs.

Companies such as Agnitio and ValidSoft have developed systems that are so precise they can distinguish between the voices of twin siblings and can even confirm you are who you say you are when you are calling from a mobile phone with plenty of noise in the background. Major banking groups, such as Barclays, are deploying these systems to ward off mounting levels of identity theft. “The uniqueness of a voice biometric, along with the fact that it can’t be removed, lost, counterfeited, or forgotten, made this an excellent solution and an advantage over knowledge-based verification or user IDs and passwords.”

Will Drive Growth, Improve Operational Efficiencies for Survival. Worldwide oil production is outpacing demand, and oil prices have fallen by more than 50 percent since June 2014. Many factors — including soft demand, increasing U.S. production and diminishing storage for crude oil — suggest that the days of $100- a-barrel oil may not return.

“Cisco Consulting Services estimated that the adoption cost of the Internet of Everything would be about

$180 billion for the industry. Over a 10-year period, the multiplier impact would be about three to four times when it’s translated to the global economy. That’s quite a positive multiplier impact.” —Kathy Bostjancic, Director, U.S. Macro Investor Services, Oxford Economics

RSA 2015 CISCO KEYNOTE: ADVANCED STRATEGIES FOR DEFENDING AGAINST A NEW BREED OF ATTACKS Watch Vice President and Chief Architect of Cisco’s Security Business Group, Martin Roesch’s keynote speech at the 2015 RSA event. Roesch outlines strategies to evolve security to include new approaches that address incidents efficiently, enable visibility, facilitate appropriate actions and support business growth.

Services portfolio. The Incident Response Service significantly strengthens your network and information security defenses. Using the latest intelligence and best practices, it introduces a process that engages all layers of defense and provides a comprehensive range of capabilities to help organisations prepare, manage, respond to, and recover from incidents quickly and effectively.

For more information, please see the Incident Response Services section at the link below:

Networking giant Cisco is teaming up with Elastica, a cloud security startup, in a move that will see the two firms combine their threat intelligence and cloud service monitoring technologies. The partnership will also see Cisco resell Elastica’s cloud application security and monitoring solution (CloudSOC) to its customers.

The combination of Cisco’s threat-centric security portfolio and Elastica’s innovation in cloud application security provides a unique opportunity. Our global customers gain additional levels of visibility and control for cloud applications and it enhances our portfolio of advanced cloud-delivered security offerings,” said Scott Harrell, vice president of product management, Cisco Security Business Group.

Just a few months ago, Cisco announced an innovative new feature called Intelligent traffic Director (ITD) on the Nexus 7000. ITD offers customers a hardware based multi-terabit load-balancing and traffic re- director solution unmatched in the industry.

Yesterday, at Interop, ITD was recognized for its industry leading innovation and capabilities with the best of Interop award in the data center category.

Since it’s introduction, the customer feedback has been nothing short of remarkable. ITD has gotten tremendous interest and traction from both Enterprise and Service providers who are using it to scale out Firewalls, IPS, Video Caching, Server Load Balancing, Professional Media Network devices, WAAS etc. ITD is helping businesses solve their real world problems and delivering significant value in terms of increased capabilities, scale while significantly lowering their lower Capex and Opex.

Based on the strong demand for ITD, Cisco is extending ITD across the Nexus portfolio starting with the Nexus 5000 and Nexus 9000 Series by the end of this month. We are also continuing to enhance ITD with a comprehensive roadmap which includes new features, support for enterprise and SP router/switches, new extensions for mobile operators and an ecosystem involving several partners.

Cisco Blogs

ANNOUNCING NEW NEXT GENERATION FIREWALL MODELS

Organisations of all sizes are facing increasing volumes of cyberattacks that place sensitive data and

intellectual property at risk. Next-generation firewalls (NGFWs) have historically been best deployed by larger organizations. Until now, small and medium-sized businesses have been underserved by either less effective unified threat management (UTM) solutions or faced the daunting integration and management costs of multiple point solutions.

Now, there’s a new way forward: Cisco has unveiled new models of Cisco ASA with FirePOWER Services for

SMB, midsize organizations, and branch offices.

The new ASA models deliver the same superior threat protection available with the larger enterprise-class

We would like to invite you to our next series of sessions focusing on Connecting to the Network in A Mobile World.

With an explosion of things being connected to the Network, it is critical the Network (WLAN, LAN and WAN ) has the correct innovation needed to support the increasing demands from your business. This TechHuddle will take you on a journey, from where you connect to the network, describing the latest in Cisco wireless switching and routing innovations that allow IT to reduce complexity and cost while still delivering business services at the speed your business requires.

You will also have the opportunity to connect with our experts; ask questions at this interactive session and gain insights from our subject matter experts

Learn more about Cisco DevNet, a portal providing everything a developer needs to integrate with and develop on top of Cisco OpenStack offerings, as well as resources for working with the OpenStack community.

Attend Our Technical Sessions Make the most of the OpenStack Summit by learning more about Cisco technologies and solutions that leverage the power of OpenStack. Hear about the benefits of Cisco Application Centric Infrastructure (ACI), where application policies are applied automatically to the underlying infrastructure to deliver cloud applications with greater speed and security. Learn about Cisco OpenStack Private Cloud (formerly Metacloud), a fully-managed, on-premises OpenStack environment that provides a public cloud-like experience for development teams building and scaling cloud native applications. See our entire list of sessions and make them a part of your schedule.

Talk with Cisco Experts

Arrange a meeting with Cisco executives and technical experts to get answers to your questions about Cisco solutions for OpenStack and Cisco Cloud Consulting Services. To schedule a private meeting, contact your Cisco representative.

CISCO ON CISCO WEBINARS

Take a look inside Cisco IT and join us for technical sessions, panel discussions and global webinars. Our IT experts share their insight, technical acumen and first hand experiences deploying and using Cisco products that yield tangible business benefits. You can also find Cisco IT subject matter experts at industry trade shows, conferences, and Cisco events worldwide.

Why not take a look inside Cisco IT ?

Find out how Cisco addresses many of the same IT challenges you face every day :

Our March edition of the 2015 Inside Cisco IT Webinar Series features Cisco IT Program Manager, Ken

Hankoff and Services Director, Robert Dimicco, who discuss CASPR – Cisco’s internal program that pulls together stakeholders from IT Risk Management, InfoSec, Legal/Compliance, Service Continuity/Resiliency, and Architecture. The program is tasked with reducing the risk associated with using Cloud Service Providers (SaaS, PaaS, IaaS, etc.).

Wave 2 of 802.11ac is coming and with it, wireless speeds that’ll eclipse today’s gigabit Ethernet. With the

right tools, you can use your current Cat5 cable to get all that speed and even prepare for future innovations. Check out this latest TechWiseTV episode now and learn what you will need to take full advantage of multigigabit wireless, including a look at Cisco’s deep involvement in driving the standards for 2.5 and 5 Gb/s Ethernet rates.

Cisco Multigigabit Ethernet is a unique Cisco innovation to the new Cisco Catalyst® Ethernet Access

Switches. With the enormous growth of 802.11ac and new wireless applications, wireless devices are driving the demand for more network bandwidth. This creates a need for a technology that supports speeds higher than 1 Gbps on all cabling infrastructure. Cisco multigigabit technology allows you to achieve bandwidth between speeds of 1 and 10 Gbps over traditional Cat 5e cabling or above.

Widespread proliferation of 802.11ac and new wireless applications and devices are driving the need for more network bandwidth. As the industry moves toward 802.11ac Wave 2, access points will require higher wireless bandwidth than 1 Gbps.

But existing cabling infrastructure could prevent many businesses from capitalizing on this growth. Much of the cabling deployed worldwide is limited to 1 Gbps at 100m. Cisco Multigigabit Ethernet enables speeds up to 5 Gbps on the same infrastructure without replacing a single cable. In addition to higher speeds, the technology also delivers UPOE (up to 60W) using a multi-gigabit port.

troubleshooting for high-scale deployments in service provider and large campus deployments. They are highly scalable and service-rich platforms, supporting 802.11ac Wave 2 medium-sized to large campus wireless deployments.

They offer flexibility to support multiple deployment modes in the same controller: for example, centralized mode for campus, Cisco FlexConnect mode for lean branches managed over the WAN, and mesh (bridge) mode for deployments where full Ethernet cabling is unavailable. As components of the Cisco Unified Wireless Network, these controllers provide real-time communication between Cisco Aironet access points, the Cisco Prime Infrastructure, and the Cisco Mobility Services Engine, and are interoperable with other Cisco controllers.

Deep-packet inspection: Identifies exploits that can lead to system compromise

Log analysis: Uncovers stealthy activity that may be spread across days, weeks, or months

After being exposed, advanced threats can be mitigated using:

Restricted access for compromised devices to network resources

Dynamic inline blocking

Endpoint-based remediation

Cisco CTD provides network-wide visibility by using telemetry from network devices, effectively turning the entire network into a security sensor. In turn, it provides very detailed levels of control by turning network devices into security enforcement points. Solution components and associated platforms for Cisco CTD are listed below :

The analyst research and press coverage tells us loud and clear that the WAN is hotter than ever, and for good reason: mobility, cloud and the digitization of the enterprise are changing how we consume and deliver applications. Even the applications themselves are changing, as we’ve seen with the rise of a whole new class of bandwidth-intensive and latency-sensitive mobile apps and video.

The next generation of the WAN will need to support a dynamic network, one that shifts from a focus on getting the most out of a single network pipe to one that manages application flows across a sophisticated multi-link WAN fabric to accommodate different applications with different needs accessed on an ever- growing number of mobile devices and connected things.

In reality, it’s even worse. In addition to every package being next day air, they all get sent back to

headquarters before going on to their actual destination, even if it’s just across town from the shipper.

Extending this a bit further, you can imagine a service whereby someone is able to get more stuff into the same size shipment (i.e., WAN optimization). Useful and valuable for sure, but what is clearly apparent is that the bigger opportunity lies in moving to a multi-modal transport model, and the same is true for the WAN – a reality echoed in recent report from Gartner, Hybrid will be the New Normal for Next GenerationEnterprise WAN.

Cisco has made several advancements over the last year to help customers enable a dynamic hybrid WAN.

Performance Routing (PfR) V3 complements all the application acceleration and WAN offload of Cisco WAAS by then selecting the best path based on metrics that very few vendors can provide (jitter, latency, packet loss), and easily scales across 2000 sites with pre-defined templates for application best practices.

Cisco WAAS with Akamai offers new levels of Web and mobile acceleration unlike any other vendor in the industry. We have taken Akamai’s platform that has solved the physical problem of degradation of application performance caused by distance between the user and applications, and have extended their intelligent caching to the branch office where most business face severe bandwidth constraints.

Cisco ISR 4000includes an award-winning architecture designed from the ground up to deliver on

the intelligent WAN vision, including running the full-suite of Cisco WAAS services natively on the platform with dedicated resources. This dramatically simplifies deployment and reduces branch operational complexity.

Collaboration News

CISCO ANNOUNCED AN EXCITING UPDATE TO CISCO WEBEX MEETINGS APP FOR IOS

Enhance productivity, accelerate sales cycles, and reduce time to market.

Scale meeting capacity from one to hundreds of concurrent participants.

Support quicker user adoption across the organization.

WEBEX EXTENSIONS AND CHROME BROWSERS

Google has announced that Netscape Plugin Application Programming Interface (NPAPI) support

will be completely removed from Chrome by the end of 2014. As part of Cisco’s commitment to providing a simple and easy way for users to join WebEx meetings; we are providing a new, alternative method to join meetings that does not require the use of NPAPI support. Our new join method will use a Chrome extension starting with Chrome 38. All previous versions of Chrome will still use the plugin.

WebEx Security Updates impact Jabber Clients configured to use WebEx Meetings PlugIn requiring customers to upgrade their clients to a supported version. The client applications that are listed in the Products Affected section are impacted only when configured for integration with the Cisco WebEx service. The client applications that are not configured for integration with the Cisco WebEx service are not impacted.

Cisco WebEx implements security changes that impact the affected applications. After the update, the applications that are older than the minimum version do not function properly.

T29 customers must update prior to June 5th

T28 customers must update prior to July 31st. Supported Clients are as follows

Cisco Cloud Networking and Services team is excited to announce the availability of Version 5.2(1)SV3(1.4) of Nexus1000V for vSphere. With this introduction, enterprise and cloud provider customers running the VMware vSphere version 6.0 will be able to leverage the distributed virtual firewall VSG, enhanced scale, expand VXLAN footprint in the datacenter, avail the architecture play offered by Cisco TrustSec and also leverage the simplicity offered by Cisco VSUM.

CISCO UCS AND INTEL XEON E7V3: BRINGING THE HORSEPOWER YOU NEED FOR ANALYTICS

Cisco UCS B460 M4 : Some CIO’s like their ERP systems the same way they like their cars: big, fast and German. Setting nationalities aside, IT pros craving more horsepower for something like SAP HANA need look no further than our UCS B460 M4 and C460 M4 servers, which now supports Intel’s new Xeon E7v3 processor family.

You may wonder why news like this is this important in an age where hardware is so often taken for granted. The answer is speed, in two flavors (i) Faster Applications and (ii) Fast IT

Organizations across the spectrum are working to become intelligence- driven throughout their operations, in real time, in order to create a perpetual and renewable competitive edge. Taking a long-term view in choosing the right infrastructure accomplish this important.

Back in the mid 1990’s when Cisco first launched the Catalyst 5000 LAN switching product range, the term “router on a stick” was created, where an external IOS router like the 7200 or 7500 acted as the inter VLAN routing point and external access to WAN services.

Initially these were dedicated 100 Mbps Fast Ethernet links, one per subnet or VLAN and then with the innovation of Inter-Switch Link (ISL) trunking, multiple VLANs could be carried across one link or at the time multiple Fast Ether-channel bundles (FEC) and then moving to 1 Gbps links and both ISL and 802.1Q trunking.

The external Cisco IOS router was essentially a route-processor and all inter- VLAN traffic had to flow through it. In order to increase Layer 3 performance the concept of Multilayer Switching was created, leveraging both route-processor (RP) and Netflow innovations (NFFC) directly into the Catalyst switch.

The whole principle of multi-layer switching (MLS) on the Catalyst 5000 was to allow dedicated ASIC hardware to perform L3 rewrites automatically, without the need for a route processor look up, therefore having greater L3 throughput whilst maintaining the correct L3 information and intelligence and Quality of Service. Comparing the Route-Processor and MLS switching from 1997 to OpenFlow switching and SDN of today, the concept and innovation of flow processing can clearly be seen and the contribution that Cisco has made over time and in the future.

OPEN DAYLIGHT CONTRIBUTIONS FROM CISCO

As a founding and platinum member of the Open Daylight community, Cisco is committed to donating software and engineering resources to the Open-Source project. As a long-standing participant in the open source community, Cisco is driving the growth of open source technologies, expanding the development of open standards, and investing resources to provide for sustainable innovation.

EOS/EOL Notifications

END-OF-SALE AND END-OF-LIFE ANNOUNCEMENT FOR THE CISCO 2960-S AND 2960-SF SERIES SWITCHES

Cisco announces the end-of-sale and end-of-life dates for the Cisco Catalyst 2960-S Series and 2960-SF Series Switches. The last day to order the affected product(s) is November 6, 2015.

Cisco is also announcing a price increase for Cisco Catalyst 2960S and 2960SF Series Switches effective May 9th, 2015.

The Catalyst 2960-X product family provides a direct replacement for each Catalyst 2960-S Series Gigabit Ethernet model, at the same price. 2960-X provides better architecture, features and performance than the 2960-S Series, scaling up the feature set by 2x.

Customers for Catalyst 2960-SF Fast Ethernet Series switches are encouraged to consider moving to the

2960-X family of switches. 2960-X provides the features of the Catalyst 2960-SF and more, including PoE+, improved IPv6 performance, and optional StackWise stacking.